The Connected Effect

Brittany Calvanese

Recent Posts

The Internet of Secure Things: Vulnerabilities Beware!

Posted by Brittany Calvanese

Jul 8, 2014 10:26:00 AM

By Rob Black, CISSP

I hope you are enjoying the summer as much as I am, and that you have some well-deserved time off ahead of you.  But before you take off, I’d like to play out a security scenario with you. Imagine your company manufactures mission critical machines and a couple of days before you depart on your dream vacation you discover that 10,000 machines deployed across hundreds of customer locations have a software flaw, the result of which could be a serious security problem for your customers and a significant risk to your organization.  The engineers on your team have developed a patch for the vulnerability. Do you: Internet of Secure Things

  • Send out an email advisory of the problem and hope that customers will download the patch while you are on vacation, and there will be no major headaches for customer support during your absence. (If this is the case, you should worry if you will have a job when you return.)
  • Cancel your vacation and start copying the patch to thousands of USB memory sticks to be mailed out to every customer location. (If this is the case, that “well-deserved” vacation doesn’t seem to apply)
  • Something else.

Given that you are reading a blog on an IoT and you are interested in security, I am betting that you picked c) Something else.   

That something else is the IoT.  The ability to connect to a machine is critical to being able to ensure that it is secure. An unconnected machine is one that is likely unpatched and therefore vulnerable.

While connecting to your machines is laudable, it is not enough.  There are many components to a IoT project including the means to update the software, what we at Axeda call Connected Content.

Not only does your solution need to be aware of the version, the right steps to perform, what to do if an error occurs, but also needs to consider what network bandwidth constraints may exist.   Unless your customers have unlimited bandwidth you might want to limit how many are being deployed at a given moment in time.

Now what if the machine is performing a critical operation like for instance “in surgery” literally opening up someone’s chest in an operating room? It might not be a good time to perform a software update. You need the ability to put the device into a mode that prohibits it from doing the update at that time.

Up to this point we have assumed that all machines were the same. What if machines have different configuration, different boards, different chips, different modules, or different software? Can the same patch be applied identically to all your machines? You need software that can differentiate between the various versions and apply the appropriate software.

Now that we have sent out updates to thousands of machines we need the ability to audit, monitor, and report on the results and identify any problematic machines that might need additional intervention. The software has to have the tools to track which machines were updated and which ones had problems that require manual intervention.

It sounds like a tall order for any solution to be able to meet all of these requirements. And it is. The Axeda Connected Content solution was designed for product manufacturers to be able to meet the rigorous requirements outlined above. Our customers that utilize Axeda Connected Content are able to update content on thousands of machines managing vulnerability fixes, other software updates, as well as pushing configuration data. You can learn more about how Axeda Connected Content is solving real world problems with ecoATM from the posted webinar.

With Axeda Connected Content helping to protect your machines you can enjoy your summer!

Topics: Axeda, Internet of Things, IoT security, Internet of Secure Things

The Internet of Secure Things

Posted by Brittany Calvanese

May 19, 2014 11:31:00 AM

By Rob Black, Axeda

Here at Axeda we just finished a very successful Connexion 2014 conference where global thought leaders in the Internet of Things (IoT) gathered in Boston for our multi-day event. IoT securityOne of the themes that I heard again and again from practitioners of IoT is that their security story needed improvement in order to assure customers that their IoT solution could be utilized safely. There is a lot of noise from the entertainment world and popular press about killer pacemakers and spam-sending-refrigerators that has crowded out the less sensational reality that  -- IoT Security is not fundamentally different from network security, and there are a plethora of strong security practices that can be readily applied to IoT.

Many customers who are deploying IoT are frustrated by the resistance that some IT and security departments exert when an IoT solution can clearly help them solve business challenges for their deployed machines. Lack of connectivity is not the solution to a security problem, and that thinking should be turned on its head. If companies are concerned about security and compliance here are the questions that they should ask. These questions are based on real-world events that our customers have observed and not based on theoretical thinking.

  • How can you be certain that machines are being used for their appropriate business purposes and not for gaming or other (worse) personal activities?
  • How can you ensure that the appropriate policies have been applied to the machine? Are policies applied in a consistent manner or does it depend on the technician and date of machine provisioning/servicing?
  • What is your update strategy should a software vulnerability be found on thousands of your machines? Does your plan involve running around with a USB stick to every machine?
  • How do you connect to the machine for remote service support? Do you use web meeting tools? Does that mean that the remote user has an elevated level of access? Are the changes audited?

If your answers to the questions above are unfavorable perhaps you should consider using an IoT solution to help you solve your security and compliance problems. Connectivity and diligent management is the key to successfully managing devices in your enterprise. Axeda has helped many customers to examine and address the challenges listed above. For instance the ability to log every significant action at the device level can help organizations to ensure compliance with regulations and protect against rogue employees utilizing remote desktop applications to perform non-authorized activities on business critical machines.

Once you have decided to pursue an IoT solution, there are a number of steps required to ensure that it is secure. The first and most important step is to get senior management buy-in. While this might not be the most obvious path for technically minded folks, it is the one that can help you to solve a number of problems long term. Senior management needs to be sold on the business value of this project. If there is sufficient business value then they can help you get the appropriate resources to address security or other requirements that might be a part of the project.  They can help to move obstacles that may be in the way of a successful project.

Before getting the buy-in, however, management may ask for an assessment of a particular IoT solution. Since an IoT solution is comprised of so many parts, we break it down into seven key segments to more easily perform analysis for security purposes:

  • Device
  • Inside the firewall software and communications
  • Outside the firewall communications
  • Cloud operations
  • Cloud platform
  • Cloud development
  • Cloud applications

Over the next several blog posts we’ll dig into key security topics utilizing the above framework and provide you with an understanding of what you can and should expect from an IoT vendor, and which challenges are better addressed from within your own organization.  If you can’t wait until the next post, check out our security white paper in the interim. Stay tuned!

Bio:
Rob Black is Director of Platform Product Management at Axeda where he overseas the direction of the Axeda Machine Cloud Platform. In addition to his expertise in Internet of Things (IoT) and Machine-to-Machine (M2M), Rob has extensive experience in security, web services, and cloud solutions. Rob’s product management and product marketing background includes positions at RSA Security, 3Com, and Vertical Communications. Rob received his MBA from the Kellogg School of Management and holds two Bachelor of Science degrees from Washington University in St. Louis in Computer Science and System Science and Engineering. He is the inventor of three security related patents and is also a Certified Information Systems Security Professional (CISSP).

Topics: Axeda, Axeda Connexion, Internet of Things, IoT security

Making Internet of Things Connections at the Axeda Connexion 2014 Conference

Posted by Brittany Calvanese

May 12, 2014 9:41:00 AM

By Jeff Kaplan, THINKstrategies

The increasing attention and accelerating innovation in the ‘Internet of Things’ (IoT) marketplace was clearly on display at the Axeda Connexion 2014 conference May 6-7 in Boston. The event brought together over 600 attendees from more than 150 companies Axeda Connexion 2014worldwide to share perspectives and best practices regarding how to capitalize on the rapidly expanding consumer and commercial opportunities created by the IoT.

Axeda has been at the forefront of the IoT movement as a pioneer of the previous generation of machine-to-machine (M2M) technology. In the same way the vision of the ‘connected world’ has expanded from connected devices and systems to a broader set of connected objects and services, Axeda’s mission and product portfolio has also widened.

Over the past few years, Axeda has broadened its focus from helping its customers and partners more easily connect remote objects, devices, systems and services to enabling them to better manage and ultimately monetize the value of their connected worlds as well. It has also shifted its technical focus from hardware-oriented to software-driven solutions, and moved from primarily on-premise to Cloud-powered solutions.

Today, Axeda’s IoT portfolio includes three major components to address three key IoT requirements:

  1. Connect – Middleware
  2. Build – Platform
  3. Manage – Analytics

At the Connexions 2014 conference, Axeda unveiled five new offerings that strengthen its ability to satisfy its customers and partners’ needs in these three areas:

  1. Axeda Connected Builder which moves IoT agent mgmt to the Cloud.
  2. Adaptive Machine Messaging Protocol to provide a standard language for IoT.
  3. Machine Streams for streaming high volumes of data in IoT networks.
  4. Connected Asset Management for Salesforce.com to improve customer support, sales and marketing effectiveness.
  5. Axeda community.axeda.com to encourage greater peer-to-peer collaboration and information sharing of IoT best practices.

One of the most impressive aspects of the Axeda story is the ecosystem of customers and partners it has built. AT&T has been a strategic partner for many years and played a prominent role at Connexion 2014. In fact, the two companies co-hosted a special luncheon on the first day of the conference for the industry analysts attending the event where they shared information about the growing number of customer success stories they are generating together across a variety of vertical markets.

Oracle, Intel, GE, Salesforce.com, Deutsche Telekom and Broadcom also gave keynote presentations at Connexion 2014. In addition, the conference expo included Wipro, Dedicated Computing, Hitachi High-Technologies Corporation, Appirio, Software AG, TeraCode, CaseBank Technologies, HP Vertica, Integron, Lantronix, Mitsui Technologies, Option Wireless Technology, SAS, ServiceMax and Venetia Systems.

While there was plenty of excitement about the boundless opportunities created by the IoT, there was also a healthy amount of practical perspective about the technical, organizational and market barriers to success that still exist.

First, there is no single standard or vendor that can satisfy the end-to-end requirements of most IoT deployments. Therefore, industry collaboration and integration is essential for success.

Second, there are just as many security vulnerabilities as there are network connections in IoT deployments. Many product innovations and policy decisions will be required to combat the rising security threats.

Third, many organizations must understand how the IoT redefines their customer relationships. Capturing and properly utilizing a new level of customer data carries tremendous responsibilities in addition to creating incredible new business opportunities.

Axeda’s Chief Marketing Officer and EVP of Product Strategy, Bill Zujewski, suggested during his keynote presentation that these challenges make it imperative that the IoT vendors and the industry as a whole adopt policies to ensure their products and business practices are in harmony with their customers’ needs to alleviate their concerns. In his view, “harmonize” is the latest level of value created by the rapidly evolving IoT market.

Topics: Axeda Connexion, Internet of Things, IoT Conference, Boston, Jeff Kaplan, THINKstrategies

Insights from Leaders in IoT at Axeda Connexion

Posted by Brittany Calvanese

May 7, 2014 7:42:00 AM

By Steve Hilton, MachNation

At the end of an industry event, we at MachNation like to reflect on some of the insights generated by event participants. In this environment of weekly IoT/M2M events it is not easy finding unique nuggets of wisdom, but occasionally we do. Let's discuss a few insights from discussions and presentations on 6 May at Axeda Connexion 2014.

  1. "Integration is the killer app for IoT," according to Bill Zujewski, CMO of Axeda. This seemingly innocuous idea is packed with importance. While some are often looking for a single application or device that will create disproportionate business value in the IoT ecosytem, they are misguided. The real value of these IoT solutions rests in the integration of device data with back-end business applications in the re-definition of business processes. These integrations can have profound implications on enterprise costs, innovation and new services development.
  2. Minimizing vulnerability to the "bad guys" is critically important in IoT. Security isn't just the responsibility of the CSO, as we have learned recently from the firing of Target's CEO in response to a massive security breach of customer data.  Numerous speakers brought-up the topic of IoT security and its importance. Since many IoT solutions have been deployed by operations technology (OT) staff without too much involvement from the CSO's organization, it becomes even more important to consider the end-to-end security implications of IoT solutions from device, OS, application, connectivity and application integration perspectives. The importance of OT in the IoT decision-making process is one of MachNation's hot topics for 2014. Bringing in some of the well-founded practices from traditional security auditing is one way to drive standard security practices in the deployment of new IoT solutions.
  3. Responsiveness to data creates competitive differentiation and business value. Peter Utzschneider from Oracle highlighted this issue clearly in his keynote address. Enterprises must use IoT data to increase responsiveness across organizations. This responsiveness can be seen in departments as varied as logistics, customer care, field services, maintenance, sales and marketing. Speed, agility and fact-based decision-making create enterprises that outperform their peers.
  4. Intelligence in end-point devices is needed. This point was raised several times during the event. Whether that intelligence needs to sit on the device or on the network is arguable. However, I believe it is true that we need more intelligence logically closer to end-point devices. More intelligence closer to the network edge allows for better, faster, more reliable and more distributed decision-making. It gives us more ability to impact, change, modify and re-direct things/people at the edge of the network. These changes alter the user experience at the edge. In some cases (for example, monitoring an oil pump along a supply line), altering the user experience at the network edge is less important. However, there are other cases (for example, a connected vending machine) where altering the user experience at the network edge is tremendously valuable.
The ecosystem of partners attending Axeda Connexion was strong. Bringing together system integrators, application vendors, platform providers, services providers, communications operators, device manufacturers and chip manufacturers is no small task. But bringing them together with enterprise end-users creates strong value for the entire ecosystem.

Topics: Axeda Connexion, IoT Conference, Steve Hilton, MachNation

Observations from Axeda Connexion 2014

Posted by Brittany Calvanese

May 6, 2014 10:39:00 AM

Axeda Connexion 2014 (Twitter hashtag #CX14) is a who’s-who of enterprises and technology companies that have embraced or are learning how to embrace the connected future. The key themes from this year’s show span business/strategy and technology characteristics of IoT. Let’s take a look at some of the top ones.

Impact of IoT solutions on business process. No doubt that IoT solutions pack all sorts of value for enterprises, but oftentimes we overlook the challenges that enterprises have in re-designing their business processes to take advantage of connectivity, connected devices, sensors and the richness of the data provided by these IoT solutions. Business processes touching all aspects of operations, finance, marketing, sales, customer support and product development can be impacted by new IoT solutions. Enterprises must prepare for these changes -- changes that impact technology, but also human factors within the enterprises. As such, it is critical that enterprises create appropriate change management and training plans. In addition, they need to address additional security and compliance issues that might be impacted by changes in particular business processes. These changes impact large enterprises as well as small/medium businesses that march down the IoT path.

Moving enterprises from product to services companies: striving for competitive differentiation. An age-old adage for many businesses is, “If it isn’t broken, don’t fix it.” But those enterprises that adopt IoT solutions realize that there is something that needs improvement. Sometimes identifying those problems and taking the risks to change require great foresight and executive commitment. Many enterprises that are product-centric recognize the difficulties in creating a sustainable competitive advantage solely based on a product-only business model. So in order to help differentiate their products, these enterprises are adding connectivity to their products and becoming hybrid product/services companies. These changes help diversify the overall revenue characteristics of these firms while building competitive differentiation through enhanced customer loyalty, difficult to replicate product/service offerings and reducing the time-to-market for new service solutions.

Innovative technology solutions being deployed today: enterprise examples. There is tremendous diversity in the types of IoT solutions being deployed today. A quick perusal of attendees and speakers at the Axeda Connexion 2014 event attest to this fact. There are hundreds of enterprise attendees from sectors including healthcare, financial services, manufacturing, automotive/transport, software, distribution and others. The IoT solutions vary from those that have been generally available in markets for years -- like, fleet management -- to those that are in beta-stage today -- like several healthcare solutions in various stages of medical testing. As we expected there was strong presence of IoT solutions in the industrial sector -- the industrial sector being one of the hottest IoT sectors in 2014 according to recent MachNation research. There is a heightened focus on the quality and useability of the data collected from these IoT solutions, recognizing that collection and analysis of data must lead to actions that seek to improve business outcomes.

Application integrations: To reach the goal of extracting maximum value from IoT solutions requires careful integration of enterprise business applications -- like CRM/SFA, ERP, inventory management, accounting/finance, distribution systems and other -- to IoT platforms like the Axeda Machine Cloud. Very few enterprises are implementing IoT solutions as green-field deployments. Most enterprises have existing business applications that require integration with IoT applications and application platforms. Simple approaches and careful project planning are required to ensure data is mapped and shared appropriately between applications. Look to cloud application vendors like Axeda and Salesforce.com that are creating deep business and technology partnerships to ensure the success if these integrations.

Axeda Connexion 2014 continues to attract some of the most progressive enterprises and technology vendors that have embraced the connected future.

About the author -- Steve Hilton is the Managing Director and
co-founder of MachNation, the only Steve Hiltondedicated insight services firm covering the future of the Internet of Things, Internet of everything and connected device ecosystems. His primary areas of expertise include sales enablement, competitive positioning, marketing media development, cloud services, small and medium businesses and sales channels. Steve has 20 years’ experience in technology and communications marketing. Prior to founding MachNation, he built and ran the IoT/M2M and Enterprise practice areas at Analysys Mason. He has also held senior positions at Yankee Group, Lucent Technologies, TDS (Telephone and Data Systems) and Cambridge Strategic Management Group. Steve is a frequent speaker at industry and client events, and publishes articles and blogs in several respected trade journals. He holds a degree in economics from the University of Chicago and a Master’s degree in marketing from Northwestern University’s Kellogg School of Management.

About MachNation -- MachNation is the only dedicated insight services firm covering the future of the Internet of Things, Internet of Everything and connected device ecosystems. MachNation specializes in understanding and predicting these technology sectors including developments in hardware, platforms, communication services and applications. MachNation specialists have provided sales tools and marketing support services to the majority of the world’s leading IT and communications firms.

Topics: IoT, Internet of Things, Steve Hilton, MachNation, Connexion

When the Tool Just Fits – A View From the AT&T Hackathon

Posted by Brittany Calvanese

Jan 9, 2014 4:08:00 PM

By Sara Jarjoura

It’s 2014 and the tech scene is a-buzz with the outcome of the AT&T Hackathon at their Developer Summit in Las Vegas, just prior to CES.  Partners present at the Hackathon - ARM, Qualcomm, Intel, Netgear, SparkFun, MultiTech, Plantronics - all brought great hackable hardware.   As a developer coach for the AT&T M2M Application Platform powered by Axeda, I worked alongside hackers through the night and ultimately had the amazing privilege of seeing one of our teams win an overall grand prize. AT&T made it obvious that they know how to put on a Hackathon, and the result was happy developers unleashing their inner Einsteins (or Teslas if you prefer :)

Teams using our platform were able to build working, end-to-end solutions quickly.  When the SafeNInternet of Thingsecklace team (click here for WSJ coverage) had set up the sample code and hardware, I saw them working out the problem with the tools on the platform and realizing that those tools matched how they were thinking about the problem.  When a DATA VALUE crosses a threshold distance we want to create an ALARM that needs to stay active until CLOSED. We want to set up a RULE that an ALARM will trigger code to run and send alert messages.  They could do everything on the AT&T M2M Platform with no other server needed.

With the agent running on the Kontron M2M Smart Services Developer Kit, an Arduino Due handling simple sensor data, and Axeda’s simple HTTP API protocol called AMMP , (Adaptive Machine Messaging Protocol) I could say yes to any question developers asked. "Can I add a camera?" Yes, plug it into the USB on the Kontron and the agent will send up image files based on a timer or event. "Can I read a simple temperature sensor?" Yes, plug sensor into Arduino and send data up through Kontron. "Can I just use the platform to record data from an Android app?" Yes, simple HTTP POST.

I sensed initial skepticism from several groups of developers. "Just show me how to get data in and out of your platform and I'll code up the rest myself." The developers who looked a little deeper stuck with the platform once they found it could do everything they wanted to do.

AT&T Hackathon
A few of the AT&T and Axeda Sensai's at the AT&T
Hackathon: Chris Meringolo, D'Lani Jean, Sorin Netu,
Joe Rogers, Kevin Holbrook, Sara Jarjoura, Mark
Scheel

Another project was ReportIt, a social emergency notification system that reduces the strain on first responder communication channels.  Kevin Holbrook coded up a working system for theteam in less than 3 hours that was very similar to a system I created 5 years ago with another developer in 3 weeks – an 80% productivity increase gained by leveraging the AT&T M2M Platform.  The system Kevin created had not just dots on a map but also Geofence creation and alerts.  I know it sounds unbelievable but a physical analogy would be like 2 guys with shovels trying to do the same job as 1 guy in a backhoe.  In that example you would believe an 80% productivity difference.  The millions and millions of lines of code and over a decade of real world use in the AT&T M2M platform are not visible but like a backhoe they are there for someone who knows how to use them.

What hardware inspires you?  What could you build with the AT&T M2M Platform?

Topics: M2M, IoT, AT&T Developer Hackathon, Internet of Things, AT&T

Top Wireless Gotchas! Number 4: Carrier Integration

Posted by Brittany Calvanese

Oct 1, 2013 1:37:00 PM

By Bill Zujewski

This is the second post in a multi-part series, which specifically explores the challenges of dealing with wireless technology as part of an M2M (Machine-To-Machine) initiative. The series will offer insights to help designers and developers prepare for and overcome the unique challenges involved with implementation. Today’s post will focus on carrier integration.

Declining costs around cellular components have had a huge impact on how quickly the 'Internet of Things' has grown – its significance cannot be understated. Cheap components have enabled the industry to expand into countless new verticals -- it's also why providers like AT&T have turned their full attention to the M2M industry in a big way.

However, cellular connectivity brings M2M architecture and management considerations.

For one, manufacturers need to  effectively and efficiently ensure that existing connected machine solutions can integrate with cellular infrastructure and mobile carrier business systems.

Here are three other things to consider:

  • On A Data Budget: Manufacturers need real-time visibility into how their communications are performing against their cellular data plan, and need to be able to adjust data plans and data flow when necessary. Otherwise, they risk going over budget.
  • Connectivity Management: Similarly, manufacturers need to be able to understand the status of their connectivity, and the performance and health of their assets at all times. 
  • Asset Management: Finding connected assets in a carrier’s system can be difficult, as the carrier’s system only identifies assets by their SIM ID. This means manufacturers often have to manually associate the asset’s SIM ID with its VIN or serial number – a long and pain-staking process.

The best solution is to leverage M2M platforms that have already achieved integration with carrier systems. This will drastically cut your time-to-market and start-up costs.

Topics: M2M, wireless, IoT, Internet of Things, AT&T

Subscribe to Email Updates